Go ahead groupOne of the UK’s largest bus operators, with franchises covering cities including Brighton, Hull, London, Newcastle, Oxford and Plymouth, it has ensured that it is a cyber attack which appears to have destroyed key internal systems.
The firm – which also operates train companies, although these were not affected – said it detected unauthorized activity on its network on 5 September.
Unconfirmed reports suggest that payrolls and bus and driver rosters may be affected, leading to service disruptions such as those seen during strike action as critical equipment and personnel are left in the wrong place at the wrong time.
A spokesperson for Go-Ahead said: “Upon becoming aware of the incident, Go-Ahead immediately engaged external forensic experts and took precautionary measures with its IT infrastructure while it continues to investigate the nature and extent of the incident and implement its incident response plan. .
“Go-Ahead will continue to assess the potential impact of the incident but confirms there is no impact on UK or international rail services, which are operating as normal.
“As a precaution, Go-Ahead has notified the relevant regulators, including the Information Commissioner’s Office [ICO] in the UK,” they said. “The board will provide further updates when appropriate.”
At the time of writing, Go-Ahead has not indicated the precise nature of the incident and it would be inappropriate to speculate further on the matter.
John Davies, UK and Ireland Director Sans Instituteprovider of cyber security training services, said the incident highlighted the potential of cybercrime as a tool to cause widespread, real-world disruption.
“At a time of great uncertainty and disruption – from the cost of living crisis to industrial action across transport services – this incident clearly shows hackers’ tactics to catch us off guard,” he said. “No organization is safe, and every citizen has a role to play in the digital fortress, whether protecting a country, a company or a consumer.
“Awareness and vigilance are critical weapons in our response to these threats,” Davis said. “Go-Ahead took and implemented immediate measures to counter the attack Incident response Plan to secure services, which sets a good example for other organizations.”